[syslog-ng] [Bug 108] 2.6.38+ will require CAP_SYSLOG (CAP_SYS_ADMIN not enough)
bugzilla at bugzilla.balabit.com
bugzilla at bugzilla.balabit.com
Sun Oct 23 09:20:21 CEST 2011
https://bugzilla.balabit.com/show_bug.cgi?id=108
Balazs Scheidler <bazsi at balabit.hu> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bazsi at balabit.hu
Resolution| |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #36 from Balazs Scheidler <bazsi at balabit.hu> 2011-10-23 09:20:21 ---
I've applied the patch in this bugreport, closing.
commit 5afe42abe1be685a4714c691b277c24617438578
Author: Gergely Nagy <algernon at balabit.hu>
Date: Sun Sep 25 13:43:33 2011 +0200
gprocess: Implement stricter CAP_SYSLOG checking.
Some distributions ship libcap with headers generated from the kernel
sources, instead of the headers of libcap itself, resulting in the
headers and the library diagreeing about what capabilities are
supported.
For this reason, before deciding whether CAP_SYSLOG is supported,
verify that libcap can actually parse it, and fall back to
CAP_SYS_ADMIN if it can't.
The benefit of this is that even if ran on such a system, syslog-ng
will still continue to work (albeit triggering a kernel warning)
instead of terminating.
Signed-off-by: Gergely Nagy <algernon at balabit.hu>
--
Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the syslog-ng
mailing list